SysinternalsAntivirus

It is a fake antivirus program which deceives users and warns them of unexisting threats in their computers. It does not allow the files with an EXE extension to be run. It can reach the computer when the user accesses certain websites which display banners or pop-up windows which lead to the download of this program.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:

June 4, 2010

Detection updated on:

July 7, 2010

Statistics

No

Brief Description

SysinternalsAntivirus is an adware program which attempts to deceive users by using a known name to be called, like Sysinternals, whose owner is Microsoft.

SysinternalsAntivirus warns users of unexisting threats in their computers so that they purchase a certain program that removes them from the computer.

Additionally, it prevents users from working with the computer, as it blocks the execution of the files with an EXE extension, displaying a message informing them that these files are infected.

SysinternalsAntivirus can reach the computer when the user accesses certain websites which display banners or pop-up windows which lead to the download of this program. It can also reach the computer in a link that can be received via spam messages, fraudulent websites, etc.

Visible Symptoms

SysinternalsAntivirus is easy to recognize, as it shows the symptoms below:

It reaches the computer in a file with the following icon:

When it is run and installed, the interface of the program is displayed and starts scanning the system in search for possible malware:

Once finished, it displays a warning message informing users that the program has found several infected programs and documents in the computer: